SlideShare a Scribd company logo

SecureIoT MVI use case pitch presentation

Download as PPTX, PDF
M
Mariza Konidi

SecureIoT is a project that aims to increase supply chain resilience through continuous monitoring of operational technology systems. It uses independent observer devices to detect attacks, errors, and abnormal machine behavior early. The devices monitor process data using security analytics and machine learning to identify anomalies. SecureIoT also facilitates secure access and automated configuration audits to help maintain security and prevent infection transmission between machines. Its goal is to help protect against slow, targeted attacks on manufacturing systems and their supply chains.

Technology
1 of 10
SecureIoT Facilitating Supply Chain Resilience 21.10.2020 This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 779899
• Communication risk • Intelligent things can be manipulated • Included software not known Facilitating Supply Chain Resilience Supply Chain at risk
SecureIoT - Use Case Industrie 4.0 Supply Chain Resilience Example: STUXNET-like Attack • Individualized attack • Slow attack • Probably trained by a lot of publicly available system data Attack-Surface • Attack takes place at the manufacturer - or in a malicious module as spare part or update • System-SW may contain virus base. • The fact that powerful systems are built into Edge means that there is capacity for attacks there. • Unknown sleeping malicious systems (or backdoors, fixed passwords) • Wake up by "signal", e.g. “pattern" in specific product configuration • Problem: Prediction only limited, for "not yet affected systems”
Supply Chain Resilience SecureIoT capabilities Security of the operating status is unknown We must observe the operation independently of the machines. SecureIoT is independent observer and analyst. Process Monitoring - Detection of process anomalies (Security Analytics) monitors process data to: • detect attacks • detect operator errors • detect abnormal machine behaviour in early stage supporting predictive maintenance Trustworthiness enables Secure Access (Developer Support) Automated IIoT Configuration Audit (Compliance Audit)
SecureIoT – Continuous OT Security Monitoring
SecureIoT – Detection and Prediction of Attacks SecureIoT Process Monitoring Part Order Attack Attack AI based Security Analytics • Learning / Training • Process Mining • Pattern recognitionEdge Analytics Future Objective
M2M Scheduler M2M – Trustworthiness Evaluation facilitates secure Access Evaluate Process Log- files Calculate Characteristics Trustworthiness Probes ABAC Policy Engine Grants access based on dynamic evaluation of Trustworthiness
Automated IIoT Configuration Audit facilitates Resilience Secure IIoT Deployment Push configuration to SecureIoT CMDB Changes trigger Use Case Frontend To be implemented Automatic Request for Audit Automatic Response: Audit ResultUse Case Frontend ABAC Policy Engine – Administrative Backend SecureIoT CMDB Request CIs Respond CIs CMDB Probes 1 4 2 3 5 6 7
Takeaways Machines have a long service life and rarely have updates Machines are always the target of massive attacks Supply Chain Resilience facilitated by SecureIoT • Monitoring and anomaly detection through additional and independent IoT devices • Prevention of infection transmission to other machines through trustworthy access • Maintenance of the required security level through secure configuration
Thank you

Recommended

SCC (Security Control Center)
SCC (Security Control Center)SCC (Security Control Center)
SCC (Security Control Center)
Junyoung Jung
 
Nagios Conference 2014 - Jorge Higueros - SNAPS
Nagios Conference 2014 - Jorge Higueros - SNAPSNagios Conference 2014 - Jorge Higueros - SNAPS
Nagios Conference 2014 - Jorge Higueros - SNAPS
Nagios
 
F-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior controlF-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior control
F-Secure Corporation
 
ME Information Security
ME Information SecurityME Information Security
ME Information Security
Mohamed Monsef
 
Business Suite - Gain control of your IT security
Business Suite - Gain control of your IT securityBusiness Suite - Gain control of your IT security
Business Suite - Gain control of your IT security
F-Secure Corporation
 
Presentatie F-Secure 26062015
Presentatie F-Secure 26062015Presentatie F-Secure 26062015
Presentatie F-Secure 26062015
SLBdiensten
 
Lessson 2 - Application Layer
Lessson 2 - Application LayerLessson 2 - Application Layer
Lessson 2 - Application Layer
MLG College of Learning, Inc
 
Panda Security - Endpoint Protection Plus
Panda Security - Endpoint Protection PlusPanda Security - Endpoint Protection Plus
Panda Security - Endpoint Protection Plus
Panda Security
 

Recommended

SCC (Security Control Center)
SCC (Security Control Center)SCC (Security Control Center)
SCC (Security Control Center)
Junyoung Jung
 
Nagios Conference 2014 - Jorge Higueros - SNAPS
Nagios Conference 2014 - Jorge Higueros - SNAPSNagios Conference 2014 - Jorge Higueros - SNAPS
Nagios Conference 2014 - Jorge Higueros - SNAPS
Nagios
 
F-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior controlF-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior control
F-Secure Corporation
 
ME Information Security
ME Information SecurityME Information Security
ME Information Security
Mohamed Monsef
 
Business Suite - Gain control of your IT security
Business Suite - Gain control of your IT securityBusiness Suite - Gain control of your IT security
Business Suite - Gain control of your IT security
F-Secure Corporation
 
Presentatie F-Secure 26062015
Presentatie F-Secure 26062015Presentatie F-Secure 26062015
Presentatie F-Secure 26062015
SLBdiensten
 
Lessson 2 - Application Layer
Lessson 2 - Application LayerLessson 2 - Application Layer
Lessson 2 - Application Layer
MLG College of Learning, Inc
 
Panda Security - Endpoint Protection Plus
Panda Security - Endpoint Protection PlusPanda Security - Endpoint Protection Plus
Panda Security - Endpoint Protection Plus
Panda Security
 
Dmitry Kurbatov. Five Nightmares for a Telecom
Dmitry Kurbatov. Five Nightmares for a TelecomDmitry Kurbatov. Five Nightmares for a Telecom
Dmitry Kurbatov. Five Nightmares for a Telecom
Positive Hack Days
 
Security technologies
Security technologiesSecurity technologies
Security technologies
Dhani Ahmad
 
F-Secure E-mail and Server Security
F-Secure E-mail and Server SecurityF-Secure E-mail and Server Security
F-Secure E-mail and Server Security
F-Secure Corporation
 
Best corporate end-point protection 2013
Best corporate end-point protection 2013Best corporate end-point protection 2013
Best corporate end-point protection 2013
F-Secure Corporation
 
OSB240: What's New in Ivanti Application Control
OSB240: What's New in Ivanti Application ControlOSB240: What's New in Ivanti Application Control
OSB240: What's New in Ivanti Application Control
Ivanti
 
Data/File Security & Control
Data/File Security & ControlData/File Security & Control
Data/File Security & Control
Adetula Bunmi
 
Virtual Security
Virtual SecurityVirtual Security
Virtual Security
F-Secure Corporation
 
Cybersecurity Applied to Embedded Systems, Fundamentals of Embedded Systems a...
Cybersecurity Applied to Embedded Systems, Fundamentals of Embedded Systems a...Cybersecurity Applied to Embedded Systems, Fundamentals of Embedded Systems a...
Cybersecurity Applied to Embedded Systems, Fundamentals of Embedded Systems a...
Tonex
 
Powerful email protection
Powerful email protectionPowerful email protection
Powerful email protection
F-Secure Corporation
 
Achieving Cyber Essentials
Achieving Cyber Essentials Achieving Cyber Essentials
Achieving Cyber Essentials
Qonex
 
SOC OEM - Datasheet EN
SOC OEM - Datasheet ENSOC OEM - Datasheet EN
SOC OEM - Datasheet EN
ITrust - Cybersecurity as a Service
 
Hardware, and Trust Security: Explain it like I’m 5!
Hardware, and Trust Security: Explain it like I’m 5!Hardware, and Trust Security: Explain it like I’m 5!
Hardware, and Trust Security: Explain it like I’m 5!
Teddy Reed
 
Protection Service for Business
Protection Service for BusinessProtection Service for Business
Protection Service for Business
F-Secure Corporation
 
The Importance of Endpoint Protection - Featuring SEP 14
The Importance of Endpoint Protection - Featuring SEP 14The Importance of Endpoint Protection - Featuring SEP 14
The Importance of Endpoint Protection - Featuring SEP 14
Aventis Systems, Inc.
 
Internet gatekeeper
Internet gatekeeperInternet gatekeeper
Internet gatekeeper
F-Secure Corporation
 
Implementing Continuous Monitoring
Implementing Continuous MonitoringImplementing Continuous Monitoring
Implementing Continuous Monitoring
John Gilligan
 
Security assignment (copy)
Security assignment (copy)Security assignment (copy)
Security assignment (copy)
Amare Kassa
 
Security & control in mis
Security & control in misSecurity & control in mis
Security & control in mis
Vishal Patyal
 
Info and telecom_network_security
Info and telecom_network_securityInfo and telecom_network_security
Info and telecom_network_security
Brijesh Kumar
 
Client Security - Best security for business workstations
Client Security - Best security for business workstationsClient Security - Best security for business workstations
Client Security - Best security for business workstations
F-Secure Corporation
 
Chapter 4
Chapter 4Chapter 4
Chapter 4
Amy McMullin
 
PT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolPT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrol
Shah Sheikh
 

More Related Content

What's hot

Dmitry Kurbatov. Five Nightmares for a Telecom
Dmitry Kurbatov. Five Nightmares for a TelecomDmitry Kurbatov. Five Nightmares for a Telecom
Dmitry Kurbatov. Five Nightmares for a Telecom
Positive Hack Days
 
Cybersecurity Applied to Embedded Systems, Fundamentals of Embedded Systems a...
Cybersecurity Applied to Embedded Systems, Fundamentals of Embedded Systems a...Cybersecurity Applied to Embedded Systems, Fundamentals of Embedded Systems a...
Cybersecurity Applied to Embedded Systems, Fundamentals of Embedded Systems a...
Tonex
 
Hardware, and Trust Security: Explain it like I’m 5!
Hardware, and Trust Security: Explain it like I’m 5!Hardware, and Trust Security: Explain it like I’m 5!
Hardware, and Trust Security: Explain it like I’m 5!
Teddy Reed
 

What's hot (20)

Dmitry Kurbatov. Five Nightmares for a Telecom
Dmitry Kurbatov. Five Nightmares for a TelecomDmitry Kurbatov. Five Nightmares for a Telecom
Dmitry Kurbatov. Five Nightmares for a Telecom
 
Security technologies
Security technologiesSecurity technologies
Security technologies
 
F-Secure E-mail and Server Security
F-Secure E-mail and Server SecurityF-Secure E-mail and Server Security
F-Secure E-mail and Server Security
 
Best corporate end-point protection 2013
Best corporate end-point protection 2013Best corporate end-point protection 2013
Best corporate end-point protection 2013
 
OSB240: What's New in Ivanti Application Control
OSB240: What's New in Ivanti Application ControlOSB240: What's New in Ivanti Application Control
OSB240: What's New in Ivanti Application Control
 
Data/File Security & Control
Data/File Security & ControlData/File Security & Control
Data/File Security & Control
 
Virtual Security
Virtual SecurityVirtual Security
Virtual Security
 
Cybersecurity Applied to Embedded Systems, Fundamentals of Embedded Systems a...
Cybersecurity Applied to Embedded Systems, Fundamentals of Embedded Systems a...Cybersecurity Applied to Embedded Systems, Fundamentals of Embedded Systems a...
Cybersecurity Applied to Embedded Systems, Fundamentals of Embedded Systems a...
 
Powerful email protection
Powerful email protectionPowerful email protection
Powerful email protection
 
Achieving Cyber Essentials
Achieving Cyber Essentials Achieving Cyber Essentials
Achieving Cyber Essentials
 
SOC OEM - Datasheet EN
SOC OEM - Datasheet ENSOC OEM - Datasheet EN
SOC OEM - Datasheet EN
 
Hardware, and Trust Security: Explain it like I’m 5!
Hardware, and Trust Security: Explain it like I’m 5!Hardware, and Trust Security: Explain it like I’m 5!
Hardware, and Trust Security: Explain it like I’m 5!
 
Protection Service for Business
Protection Service for BusinessProtection Service for Business
Protection Service for Business
 
The Importance of Endpoint Protection - Featuring SEP 14
The Importance of Endpoint Protection - Featuring SEP 14The Importance of Endpoint Protection - Featuring SEP 14
The Importance of Endpoint Protection - Featuring SEP 14
 
Internet gatekeeper
Internet gatekeeperInternet gatekeeper
Internet gatekeeper
 
Implementing Continuous Monitoring
Implementing Continuous MonitoringImplementing Continuous Monitoring
Implementing Continuous Monitoring
 
Security assignment (copy)
Security assignment (copy)Security assignment (copy)
Security assignment (copy)
 
Security & control in mis
Security & control in misSecurity & control in mis
Security & control in mis
 
Info and telecom_network_security
Info and telecom_network_securityInfo and telecom_network_security
Info and telecom_network_security
 
Client Security - Best security for business workstations
Client Security - Best security for business workstationsClient Security - Best security for business workstations
Client Security - Best security for business workstations
 

Similar to SecureIoT MVI use case pitch presentation

PT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolPT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrol
Shah Sheikh
 
Integrated-perimeter-protection-solution.pdf
Integrated-perimeter-protection-solution.pdfIntegrated-perimeter-protection-solution.pdf
Integrated-perimeter-protection-solution.pdf
LongJidin1
 
Monitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityMonitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and Security
Precisely
 
Effective Security Monitoring for IBM i: What You Need to Know
Effective Security Monitoring for IBM i: What You Need to KnowEffective Security Monitoring for IBM i: What You Need to Know
Effective Security Monitoring for IBM i: What You Need to Know
Precisely
 
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Symantec
 
Ooredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesOoredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20Services
Muhammad Mudassar
 

Similar to SecureIoT MVI use case pitch presentation (20)

Chapter 4
Chapter 4Chapter 4
Chapter 4
 
PT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolPT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrol
 
[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr
 
Secured Remote Solutions for Critical Plant Assets
Secured Remote Solutions for Critical Plant AssetsSecured Remote Solutions for Critical Plant Assets
Secured Remote Solutions for Critical Plant Assets
 
Operational Technology Security Solution for Utilities
Operational Technology Security Solution for UtilitiesOperational Technology Security Solution for Utilities
Operational Technology Security Solution for Utilities
 
Sumeet Mandloi: Robust Security Testing Framework
Sumeet Mandloi: Robust Security Testing FrameworkSumeet Mandloi: Robust Security Testing Framework
Sumeet Mandloi: Robust Security Testing Framework
 
Integrated-perimeter-protection-solution.pdf
Integrated-perimeter-protection-solution.pdfIntegrated-perimeter-protection-solution.pdf
Integrated-perimeter-protection-solution.pdf
 
Monitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityMonitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and Security
 
Fundamental Best Practices in Secure IoT Product Development
Fundamental Best Practices in Secure IoT Product DevelopmentFundamental Best Practices in Secure IoT Product Development
Fundamental Best Practices in Secure IoT Product Development
 
Effective Security Monitoring for IBM i: What You Need to Know
Effective Security Monitoring for IBM i: What You Need to KnowEffective Security Monitoring for IBM i: What You Need to Know
Effective Security Monitoring for IBM i: What You Need to Know
 
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
 
Standardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VStandardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-V
 
Ooredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesOoredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20Services
 
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSDISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
 
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSDISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
 
OSB180: Learn More About Ivanti Endpoint Security
OSB180: Learn More About Ivanti Endpoint SecurityOSB180: Learn More About Ivanti Endpoint Security
OSB180: Learn More About Ivanti Endpoint Security
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
 
The Present and Future of IoT Cybersecurity
The Present and Future of IoT CybersecurityThe Present and Future of IoT Cybersecurity
The Present and Future of IoT Cybersecurity
 

Recently uploaded

Syngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdf
Syngulon
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc
 
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
Muhammad Subhan
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptxTales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
FIDO Alliance
 
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
FIDO Alliance
 
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Skynet Technologies
 

Recently uploaded (20)

JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuideJavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate Guide
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoft
 
ADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptx
 
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
 
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
 
Vector Search @ sw2con for slideshare.pptx
Vector Search @ sw2con for slideshare.pptxVector Search @ sw2con for slideshare.pptx
Vector Search @ sw2con for slideshare.pptx
 
Syngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdf
 
The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?
 
Overview of Hyperledger Foundation
Overview of Hyperledger FoundationOverview of Hyperledger Foundation
Overview of Hyperledger Foundation
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024
 
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
 
Using IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & IrelandUsing IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & Ireland
 
Intro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptxIntro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptx
 
2024 May Patch Tuesday
2024 May Patch Tuesday2024 May Patch Tuesday
2024 May Patch Tuesday
 
Cyber Insurance - RalphGilot - Embry-Riddle Aeronautical University.pptx
Cyber Insurance - RalphGilot - Embry-Riddle Aeronautical University.pptxCyber Insurance - RalphGilot - Embry-Riddle Aeronautical University.pptx
Cyber Insurance - RalphGilot - Embry-Riddle Aeronautical University.pptx
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptxTales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
 
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
 
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
 

SecureIoT MVI use case pitch presentation

  • 1. SecureIoT Facilitating Supply Chain Resilience 21.10.2020 This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 779899
  • 2. • Communication risk • Intelligent things can be manipulated • Included software not known Facilitating Supply Chain Resilience Supply Chain at risk
  • 3. SecureIoT - Use Case Industrie 4.0 Supply Chain Resilience Example: STUXNET-like Attack • Individualized attack • Slow attack • Probably trained by a lot of publicly available system data Attack-Surface • Attack takes place at the manufacturer - or in a malicious module as spare part or update • System-SW may contain virus base. • The fact that powerful systems are built into Edge means that there is capacity for attacks there. • Unknown sleeping malicious systems (or backdoors, fixed passwords) • Wake up by "signal", e.g. “pattern" in specific product configuration • Problem: Prediction only limited, for "not yet affected systems”
  • 4. Supply Chain Resilience SecureIoT capabilities Security of the operating status is unknown We must observe the operation independently of the machines. SecureIoT is independent observer and analyst. Process Monitoring - Detection of process anomalies (Security Analytics) monitors process data to: • detect attacks • detect operator errors • detect abnormal machine behaviour in early stage supporting predictive maintenance Trustworthiness enables Secure Access (Developer Support) Automated IIoT Configuration Audit (Compliance Audit)
  • 5. SecureIoT – Continuous OT Security Monitoring
  • 6. SecureIoT – Detection and Prediction of Attacks SecureIoT Process Monitoring Part Order Attack Attack AI based Security Analytics • Learning / Training • Process Mining • Pattern recognitionEdge Analytics Future Objective
  • 7. M2M Scheduler M2M – Trustworthiness Evaluation facilitates secure Access Evaluate Process Log- files Calculate Characteristics Trustworthiness Probes ABAC Policy Engine Grants access based on dynamic evaluation of Trustworthiness
  • 8. Automated IIoT Configuration Audit facilitates Resilience Secure IIoT Deployment Push configuration to SecureIoT CMDB Changes trigger Use Case Frontend To be implemented Automatic Request for Audit Automatic Response: Audit ResultUse Case Frontend ABAC Policy Engine – Administrative Backend SecureIoT CMDB Request CIs Respond CIs CMDB Probes 1 4 2 3 5 6 7
  • 9. Takeaways Machines have a long service life and rarely have updates Machines are always the target of massive attacks Supply Chain Resilience facilitated by SecureIoT • Monitoring and anomaly detection through additional and independent IoT devices • Prevention of infection transmission to other machines through trustworthy access • Maintenance of the required security level through secure configuration

Editor's Notes

  1. „Nichts geliefert bekommen, was nicht bestellt ist“
  2. Characteristics include process data